const char *scconf_get_str(const scconf_block * block, const char *option, const char *def)
{
const scconf_list *list;
list = scconf_find_list(block, option);
return !list ? def : list->data;
}
int scconf_get_int(const scconf_block * block, const char *option, int def)
{
const scconf_list *list;
list = scconf_find_list(block, option);
return !list ? def : strtol(list->data, NULL, 0);
}
/* create slots associated with a reader, called whenever a reader is seen. */
CK_RV initialize_reader(sc_reader_t *reader)
{
unsigned int i;
CK_RV rv;
scconf_block *conf_block = NULL;
const scconf_list *list = NULL;
conf_block = sc_get_conf_block(context, "pkcs11", NULL, 1);
if (conf_block != NULL) {
list = scconf_find_list(conf_block, "ignored_readers");
while (list != NULL) {
if (strstr(reader->name, list->data) != NULL) {
sc_debug(context, SC_LOG_DEBUG_NORMAL, "Ignoring reader \'%s\' because of \'%s\'\n", reader->name, list->data);
return CKR_OK;
}
list = list->next;
}
}
for (i = 0; i < sc_pkcs11_conf.slots_per_card; i++) {
rv = create_slot(reader);
if (rv != CKR_OK)
return rv;
}
if (sc_detect_card_presence(reader)) {
card_detect(reader);
}
return CKR_OK;
}
static int
load_parameters(sc_context_t *ctx, scconf_block *block, struct _sc_ctx_options *opts)
{
int err = 0;
const scconf_list *list;
const char *val, *s_internal = "internal";
int debug;
int reopen;
#ifdef _WIN32
char expanded_val[PATH_MAX];
DWORD expanded_len;
#endif
reopen = scconf_get_bool(block, "reopen_debug_file", 1);
debug = scconf_get_int(block, "debug", ctx->debug);
if (debug > ctx->debug)
ctx->debug = debug;
val = scconf_get_str(block, "debug_file", NULL);
if (val) {
#ifdef _WIN32
expanded_len = PATH_MAX;
expanded_len = ExpandEnvironmentStringsA(val, expanded_val, expanded_len);
if (expanded_len > 0)
val = expanded_val;
#endif
if (reopen)
ctx->debug_filename = strdup(val);
sc_ctx_log_to_file(ctx, val);
}
ctx->paranoid_memory = scconf_get_bool (block, "paranoid-memory",
ctx->paranoid_memory);
ctx->enable_default_driver = scconf_get_bool (block, "enable_default_driver",
ctx->enable_default_driver);
val = scconf_get_str(block, "force_card_driver", NULL);
if (val) {
if (opts->forced_card_driver)
free(opts->forced_card_driver);
opts->forced_card_driver = strdup(val);
}
list = scconf_find_list(block, "card_drivers");
if (list != NULL)
del_drvs(opts);
while (list != NULL) {
if (strcmp(list->data, s_internal) == 0)
add_internal_drvs(opts);
else
add_drv(opts, list->data);
list = list->next;
}
return err;
}
int scconf_get_bool(const scconf_block * block, const char *option, int def)
{
const scconf_list *list;
list = scconf_find_list(block, option);
if (!list) {
return def;
}
return toupper((int) *list->data) == 'T' || toupper((int) *list->data) == 'Y';
}
const char *scconf_get_str(const scconf_block * block, const char *option, const char *def)
{
const scconf_list *list;
list = scconf_find_list(block, option);
if (!list)
return def;
/* ignore non 'auto-configurated' values */
if (*list->data == '@' && *(list->data + strlen(list->data) - 1) == '@')
return def;
return list->data;
}
static int
load_parameters(sc_context_t *ctx, scconf_block *block, struct _sc_ctx_options *opts)
{
int err = 0;
const scconf_list *list;
const char *val;
int debug;
#ifdef _WIN32
char expanded_val[PATH_MAX];
DWORD expanded_len;
#endif
debug = scconf_get_int(block, "debug", ctx->debug);
if (debug > ctx->debug)
ctx->debug = debug;
val = scconf_get_str(block, "debug_file", NULL);
if (val) {
#ifdef _WIN32
expanded_len = PATH_MAX;
expanded_len = ExpandEnvironmentStringsA(val, expanded_val, expanded_len);
if (0 < expanded_len && expanded_len < sizeof expanded_val)
val = expanded_val;
#endif
sc_ctx_log_to_file(ctx, val);
}
else if (ctx->debug) {
sc_ctx_log_to_file(ctx, NULL);
}
if (scconf_get_bool (block, "disable_popups",
ctx->flags & SC_CTX_FLAG_DISABLE_POPUPS))
ctx->flags |= SC_CTX_FLAG_DISABLE_POPUPS;
if (scconf_get_bool (block, "disable_colors",
ctx->flags & SC_CTX_FLAG_DISABLE_COLORS))
ctx->flags |= SC_CTX_FLAG_DISABLE_COLORS;
if (scconf_get_bool (block, "enable_default_driver",
ctx->flags & SC_CTX_FLAG_ENABLE_DEFAULT_DRIVER))
ctx->flags |= SC_CTX_FLAG_ENABLE_DEFAULT_DRIVER;
list = scconf_find_list(block, "card_drivers");
set_drivers(opts, list);
return err;
}
static int print_card_remove_action(void)
{
const scconf_block *pkcs11_eventmgr;
scconf_block **event_blocks = NULL;
scconf_context *ctx = NULL;
const scconf_list *actionList = NULL;
int result = 1;
/*
* read the pkcs11_eventmgr.conf to get our action
*/
ctx = scconf_new(EVENTMGR_CONF);
if (ctx == NULL) {
goto bail;
}
if (scconf_parse(ctx) <= 0) {
goto bail;
}
pkcs11_eventmgr = scconf_find_block(ctx, NULL, "pkcs11_eventmgr");
if (!pkcs11_eventmgr) {
goto bail;
}
event_blocks = scconf_find_blocks(ctx, pkcs11_eventmgr, "event",
"card_remove");
if (!event_blocks || !event_blocks[0]) {
goto bail;
}
actionList = scconf_find_list(event_blocks[0],"action");
if (actionList) {
char *lst = scconf_list_strdup(actionList, "\n");
if (lst != NULL) {
printf("%s\n", lst);
free(lst);
}
}
result = 0;
bail:
if (event_blocks) {
free(event_blocks);
}
if (ctx) {
scconf_free(ctx);
}
return result;
}
static int ignored_reader(sc_context_t *ctx, sc_reader_t *reader)
{
if (ctx != NULL && reader != NULL && reader->name != NULL) {
size_t i;
const scconf_list *list;
for (i = 0; ctx->conf_blocks[i]; i++) {
list = scconf_find_list(ctx->conf_blocks[i], "ignored_readers");
while (list != NULL) {
if (strstr(reader->name, list->data) != NULL) {
sc_log(ctx, "Ignoring reader \'%s\' because of \'%s\'\n",
reader->name, list->data);
return 1;
}
list = list->next;
}
}
}
return 0;
}
static int load_parameters(sc_context_t *ctx, scconf_block *block,
struct _sc_ctx_options *opts)
{
int err = 0;
const scconf_list *list;
const char *val, *s_internal = "internal";
const char *debug = NULL;
ctx->debug = scconf_get_int(block, "debug", ctx->debug);
debug = getenv("OPENSC_DEBUG");
if (debug)
ctx->debug = atoi(debug);
val = scconf_get_str(block, "debug_file", NULL);
if (val)
sc_ctx_log_to_file(ctx, val);
val = scconf_get_str(block, "force_card_driver", NULL);
if (val) {
if (opts->forced_card_driver)
free(opts->forced_card_driver);
opts->forced_card_driver = strdup(val);
}
list = scconf_find_list(block, "card_drivers");
if (list != NULL)
del_drvs(opts);
while (list != NULL) {
if (strcmp(list->data, s_internal) == 0)
add_internal_drvs(opts);
else
add_drv(opts, list->data);
list = list->next;
}
return err;
}
static int ctapi_load_module(sc_context_t *ctx,
struct ctapi_global_private_data *gpriv,
scconf_block *conf)
{
const char *val;
struct ctapi_functions funcs;
struct ctapi_module *mod;
const scconf_list *list;
void *dlh;
int r, i, NumUnits;
u8 cmd[5], rbuf[256], sad, dad;
unsigned short lr;
list = scconf_find_list(conf, "ports");
if (list == NULL) {
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "No ports configured.\n");
return -1;
}
val = conf->name->data;
dlh = sc_dlopen(val);
if (!dlh) {
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Unable to open shared library '%s': %s\n", val, sc_dlerror());
return -1;
}
funcs.CT_init = (CT_INIT_TYPE *) sc_dlsym(dlh, "CT_init");
if (!funcs.CT_init)
goto symerr;
funcs.CT_close = (CT_CLOSE_TYPE *) sc_dlsym(dlh, "CT_close");
if (!funcs.CT_close)
goto symerr;
funcs.CT_data = (CT_DATA_TYPE *) sc_dlsym(dlh, "CT_data");
if (!funcs.CT_data)
goto symerr;
mod = add_module(gpriv, val, dlh);
for (; list != NULL; list = list->next) {
int port;
char namebuf[128];
char rv;
sc_reader_t *reader;
struct ctapi_private_data *priv;
if (sscanf(list->data, "%d", &port) != 1) {
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Port '%s' is not a number.\n", list->data);
continue;
}
rv = funcs.CT_init((unsigned short)mod->ctn_count, (unsigned short)port);
if (rv) {
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "CT_init() failed with %d\n", rv);
continue;
}
reader = calloc(1, sizeof(sc_reader_t));
priv = calloc(1, sizeof(struct ctapi_private_data));
if (!priv || !reader) {
free(reader);
free(priv);
return SC_ERROR_OUT_OF_MEMORY;
}
reader->drv_data = priv;
reader->ops = &ctapi_ops;
reader->driver = &ctapi_drv;
snprintf(namebuf, sizeof(namebuf), "CT-API %s, port %d", mod->name, port);
reader->name = strdup(namebuf);
priv->funcs = funcs;
priv->ctn = mod->ctn_count;
r = _sc_add_reader(ctx, reader);
if (r) {
funcs.CT_close((unsigned short)mod->ctn_count);
free(priv);
free(reader->name);
free(reader);
break;
}
/* Detect functional units of the reader according to CT-BCS spec version 1.0
(14.04.2004, http://www.teletrust.de/down/mct1-0_t4.zip) */
cmd[0] = CTBCS_CLA;
cmd[1] = CTBCS_INS_STATUS;
cmd[2] = CTBCS_P1_CT_KERNEL;
cmd[3] = CTBCS_P2_STATUS_TFU;
cmd[4] = 0x00;
dad = 1;
sad = 2;
lr = 256;
rv = priv->funcs.CT_data(priv->ctn, &dad, &sad, 5, cmd, &lr, rbuf);
if (rv || (lr < 4) || (rbuf[lr-2] != 0x90)) {
sc_debug(reader->ctx, SC_LOG_DEBUG_NORMAL, "Error getting status of terminal: %d, using defaults\n", rv);
}
if (rbuf[0] != CTBCS_P2_STATUS_TFU) {
/* Number of slots might also detected by using CTBCS_P2_STATUS_ICC.
If you think that's important please do it... ;) */
sc_debug(reader->ctx, SC_LOG_DEBUG_NORMAL, "Invalid data object returnd on CTBCS_P2_STATUS_TFU: 0x%x\n", rbuf[0]);
}
NumUnits = rbuf[1];
if (NumUnits + 4 > lr) {
sc_debug(reader->ctx, SC_LOG_DEBUG_NORMAL, "Invalid data returnd: %d functional units, size %d\n", NumUnits, rv);
}
priv->ctapi_functional_units = 0;
for(i = 0; i < NumUnits; i++) {
switch(rbuf[i+2]) {
case CTBCS_P1_INTERFACE1:
case CTBCS_P1_INTERFACE2:
case CTBCS_P1_INTERFACE3:
case CTBCS_P1_INTERFACE4:
case CTBCS_P1_INTERFACE5:
case CTBCS_P1_INTERFACE6:
case CTBCS_P1_INTERFACE7:
case CTBCS_P1_INTERFACE8:
case CTBCS_P1_INTERFACE9:
case CTBCS_P1_INTERFACE10:
case CTBCS_P1_INTERFACE11:
case CTBCS_P1_INTERFACE12:
case CTBCS_P1_INTERFACE13:
case CTBCS_P1_INTERFACE14:
/* Maybe a weak point here if multiple interfaces are present and not returned
in the "canonical" order. This is not forbidden by the specs, but why should
anyone want to do that? */
sc_debug(reader->ctx, SC_LOG_DEBUG_NORMAL, "Found slot id 0x%x\n", rbuf[i+2]);
break;
case CTBCS_P1_DISPLAY:
priv->ctapi_functional_units |= CTAPI_FU_DISPLAY;
sc_debug(reader->ctx, SC_LOG_DEBUG_NORMAL, "Display detected\n");
break;
case CTBCS_P1_KEYPAD:
priv->ctapi_functional_units |= CTAPI_FU_KEYBOARD;
sc_debug(reader->ctx, SC_LOG_DEBUG_NORMAL, "Keypad detected\n");
break;
case CTBCS_P1_PRINTER:
priv->ctapi_functional_units |= CTAPI_FU_PRINTER;
sc_debug(reader->ctx, SC_LOG_DEBUG_NORMAL, "Printer detected\n");
break;
case CTBCS_P1_FINGERPRINT:
case CTBCS_P1_VOICEPRINT:
case CTBCS_P1_DSV:
case CTBCS_P1_FACE_RECOGNITION:
case CTBCS_P1_IRISSCAN:
priv->ctapi_functional_units |= CTAPI_FU_BIOMETRIC;
sc_debug(reader->ctx, SC_LOG_DEBUG_NORMAL, "Biometric sensor detected\n");
break;
default:
sc_debug(reader->ctx, SC_LOG_DEBUG_NORMAL, "Unknown functional unit 0x%x\n", rbuf[i+2]);
}
}
/* CT-BCS does not define Keyboard/Display for each slot, so I assume
those additional units can be used for each slot */
if (priv->ctapi_functional_units) {
if (priv->ctapi_functional_units & CTAPI_FU_KEYBOARD)
reader->capabilities |= SC_READER_CAP_PIN_PAD;
if (priv->ctapi_functional_units & CTAPI_FU_DISPLAY)
reader->capabilities |= SC_READER_CAP_DISPLAY;
}
ctapi_reset(reader);
refresh_attributes(reader);
mod->ctn_count++;
}
return 0;
symerr:
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Unable to resolve CT-API symbols.\n");
sc_dlclose(dlh);
return -1;
}
static int load_card_atrs(sc_context_t *ctx)
{
struct sc_card_driver *driver;
scconf_block **blocks;
int i, j, k;
for (i = 0; ctx->conf_blocks[i] != NULL; i++) {
blocks = scconf_find_blocks(ctx->conf, ctx->conf_blocks[i], "card_atr", NULL);
if (!blocks)
continue;
for (j = 0; blocks[j] != NULL; j++) {
scconf_block *b = blocks[j];
char *atr = b->name->data;
const scconf_list *list;
struct sc_atr_table t;
const char *dname;
driver = NULL;
if (strlen(atr) < 4)
continue;
/* The interesting part. If there's no card
* driver assigned for the ATR, add it to
* the default driver. This will reduce the
* amount of code required to process things
* related to card_atr blocks in situations,
* where the code is not exactly related to
* card driver settings, but for example
* forcing a protocol at the reader driver.
*/
dname = scconf_get_str(b, "driver", "default");
/* Find the card driver structure according to dname */
for (k = 0; ctx->card_drivers[k] != NULL; k++) {
driver = ctx->card_drivers[k];
if (!strcmp(dname, driver->short_name))
break;
driver = NULL;
}
if (!driver)
continue;
memset(&t, 0, sizeof(struct sc_atr_table));
t.atr = atr;
t.atrmask = (char *) scconf_get_str(b, "atrmask", NULL);
t.name = (char *) scconf_get_str(b, "name", NULL);
t.type = scconf_get_int(b, "type", SC_CARD_TYPE_UNKNOWN);
list = scconf_find_list(b, "flags");
while (list != NULL) {
unsigned int flags;
if (!list->data) {
list = list->next;
continue;
}
flags = 0;
if (!strcmp(list->data, "rng")) {
flags = SC_CARD_FLAG_RNG;
} else {
if (sscanf(list->data, "%x", &flags) != 1)
flags = 0;
}
t.flags |= flags;
list = list->next;
}
t.card_atr = b;
_sc_add_atr(ctx, driver, &t);
}
free(blocks);
}
return SC_SUCCESS;
}
static int parse_type(const scconf_context * config, const scconf_block * block, scconf_entry * entry, int depth)
{
void *parm = entry->parm;
size_t *len = (size_t *) entry->arg;
int (*callback_func) (const scconf_context * config, const scconf_block * block, scconf_entry * entry, int depth) =
(int (*)(const scconf_context *, const scconf_block *, scconf_entry *, int)) parm;
int r = 0;
if (config->debug) {
fprintf(stderr, "decoding '%s'\n", entry->name);
}
switch (entry->type) {
case SCCONF_CALLBACK:
if (parm) {
r = callback_func(config, block, entry, depth);
}
break;
case SCCONF_BLOCK:
if (parm) {
r = parse_entries(config, block, (scconf_entry *) parm, depth + 1);
}
break;
case SCCONF_LIST:
{
const scconf_list *val = scconf_find_list(block, entry->name);
if (!val) {
r = 1;
break;
}
if (parm) {
if (entry->flags & SCCONF_ALLOC) {
scconf_list *dest = NULL;
for (; val != NULL; val = val->next) {
if (!scconf_list_add(&dest, val->data)) {
r = 1;
break;
}
}
*((scconf_list **) parm) = dest;
} else {
*((const scconf_list **) parm) = val;
}
}
if (entry->flags & SCCONF_VERBOSE) {
char *buf = scconf_list_strdup(val, ", ");
printf("%s = %s\n", entry->name, buf);
free(buf);
}
}
break;
case SCCONF_BOOLEAN:
{
int val = scconf_get_bool(block, entry->name, 0);
if (parm) {
*((int *) parm) = val;
}
if (entry->flags & SCCONF_VERBOSE) {
printf("%s = %s\n", entry->name, val == 0 ? "false" : "true");
}
}
break;
case SCCONF_INTEGER:
{
int val = scconf_get_int(block, entry->name, 0);
if (parm) {
*((int *) parm) = val;
}
if (entry->flags & SCCONF_VERBOSE) {
printf("%s = %i\n", entry->name, val);
}
}
break;
case SCCONF_STRING:
{
const char *val = scconf_get_str(block, entry->name, NULL);
int vallen = val ? strlen(val) : 0;
if (!vallen) {
r = 1;
break;
}
if (parm) {
if (entry->flags & SCCONF_ALLOC) {
char **buf = (char **) parm;
*buf = malloc(vallen + 1);
if (*buf == NULL) {
r = 1;
break;
}
memset(*buf, 0, vallen + 1);
if (len) {
*len = vallen;
}
parm = *buf;
}
memcpy((char *) parm, val, vallen);
}
if (entry->flags & SCCONF_VERBOSE) {
printf("%s = %s\n", entry->name, val);
}
}
break;
default:
fprintf(stderr, "invalid configuration type: %d\n", entry->type);
}
if (r) {
fprintf(stderr, "decoding of configuration entry '%s' failed.\n", entry->name);
return r;
}
entry->flags |= SCCONF_PRESENT;
return 0;
}
int
sc_pkcs15_bind_synthetic(sc_pkcs15_card_t *p15card)
{
sc_context_t *ctx = p15card->card->ctx;
scconf_block *conf_block, **blocks, *blk;
sc_pkcs15emu_opt_t opts;
int i, r = SC_ERROR_WRONG_CARD;
SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE);
memset(&opts, 0, sizeof(opts));
conf_block = NULL;
conf_block = sc_get_conf_block(ctx, "framework", "pkcs15", 1);
if (!conf_block) {
/* no conf file found => try bultin drivers */
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "no conf file (or section), trying all builtin emulators\n");
for (i = 0; builtin_emulators[i].name; i++) {
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "trying %s\n", builtin_emulators[i].name);
r = builtin_emulators[i].handler(p15card, &opts);
if (r == SC_SUCCESS)
/* we got a hit */
goto out;
}
} else {
/* we have a conf file => let's use it */
int builtin_enabled;
const scconf_list *list, *item;
builtin_enabled = scconf_get_bool(conf_block, "enable_builtin_emulation", 1);
list = scconf_find_list(conf_block, "builtin_emulators"); /* FIXME: rename to enabled_emulators */
if (builtin_enabled && list) {
/* get the list of enabled emulation drivers */
for (item = list; item; item = item->next) {
/* go through the list of builtin drivers */
const char *name = item->data;
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "trying %s\n", name);
for (i = 0; builtin_emulators[i].name; i++)
if (!strcmp(builtin_emulators[i].name, name)) {
r = builtin_emulators[i].handler(p15card, &opts);
if (r == SC_SUCCESS)
/* we got a hit */
goto out;
}
}
}
else if (builtin_enabled) {
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "no emulator list in config file, trying all builtin emulators\n");
for (i = 0; builtin_emulators[i].name; i++) {
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "trying %s\n", builtin_emulators[i].name);
r = builtin_emulators[i].handler(p15card, &opts);
if (r == SC_SUCCESS)
/* we got a hit */
goto out;
}
}
/* search for 'emulate foo { ... }' entries in the conf file */
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "searching for 'emulate foo { ... }' blocks\n");
blocks = scconf_find_blocks(ctx->conf, conf_block, "emulate", NULL);
for (i = 0; blocks && (blk = blocks[i]) != NULL; i++) {
const char *name = blk->name->data;
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "trying %s\n", name);
r = parse_emu_block(p15card, blk);
if (r == SC_SUCCESS) {
free(blocks);
goto out;
}
}
if (blocks)
free(blocks);
}
/* Total failure */
return SC_ERROR_WRONG_CARD;
out: if (r == SC_SUCCESS) {
p15card->magic = SC_PKCS15_CARD_MAGIC;
p15card->flags |= SC_PKCS15_CARD_FLAG_EMULATED;
} else if (r != SC_ERROR_WRONG_CARD) {
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Failed to load card emulator: %s\n",
sc_strerror(r));
}
return r;
}
